Sha256: 01fd2c072e2c3982cb1a003ae46695fcccaba23ba4840c7e8b374a5f1af82654
Contents?: true
Size: 1.4 KB
Versions: 3
Compression:
Stored size: 1.4 KB
Contents
# enable to pass few roles to `attr_accessible` method which is very useful in defining `default` and `admin` attributes
module ActiveModel
module MassAssignmentSecurity
module ClassMethods
def attr_accessible(*args)
options = args.extract_options!
role = options[:as] || [:admin, :default]
self._accessible_attributes = accessible_attributes_configs.dup
Array.wrap(role).each do |name|
self._accessible_attributes[name] = self.accessible_attributes(name) + args
end
self._active_authorizer = self._accessible_attributes
end
end
end
end
module ActiveModel
module MassAssignmentSecurity
class Sanitizer
def sanitize(klass, attributes, authorizers)
rejected = []
sanitized_attributes = attributes.reject do |key, value|
rejected << key if authorizers.all? { |authorizer| authorizer.deny?(key) }
end
process_removed_attributes(klass, rejected) unless rejected.empty?
sanitized_attributes
end
end
end
end
module ActiveModel
module MassAssignmentSecurity
def sanitize_for_mass_assignment(attributes, roles = nil)
_mass_assignment_sanitizer.sanitize(self.class, attributes, mass_assignment_authorizer(roles))
end
def mass_assignment_authorizer(roles)
Array(roles).map { |role| self.class.active_authorizer[role || :default] }
end
end
end
Version data entries
3 entries across 3 versions & 1 rubygems